Updating user metadata

[julien51]

Supporting multiple or customizable recipients introduced challenges to store/save metadata.

We need to move to a state where the following happens:

• When submitting metadata, all requests need to be signed and we should store the "signer" as a new field in the table
• If no metadata exists for an address, we store it (whoever the sender is, but as per above, we keep track of the signer)
• If metadata exists AND the signer matches the signer, we update it
• If the metadata exists BUT the signer does not match the signer, we do not update it.

In the context of "bulk" (multiple) metadadata at once, the API response should return the state for each address: stored, updated, unchanged and the UI will be able to indicate to the signer for each recipient if metadata was saved or not.

We should add a UI on the keychain for the key owner to view + update their metadata only.

[searchableguy]

1. For clarification, we don't need explicit signature here. As long as user is logged in via SIWE, we know which address is updating metadata.

2. I think we should call it updatedBy field in metadata.

This will help in situation where the user who got the key from someone else update the metadata from key chain. Now this metadata should not be allowed to be modified by the original purchaser of the key since updatedBy changes to the key owner.

The original purchaser cannot override metadata provided by the key owner in checkout flow again.

[julien51]

For clarification, we don't need explicit signature here. As long as user is logged in via SIWE, we know which address is updating metadata.

Oh yes, you are correct

I think we should call it updatedBy field in metadata.

Works for me!

[julien51]

Let's close this one for now.